BRENDON TEO

Senior Penetration Tester · Singapore
CRITICAL CVE: CVE-2024-40125 (9.8)
Unauthenticated RCE · Full Admin on Windows · NVD Published

01 About

I don't wait for attackers to find the holes. I find them first.

Based in Singapore, I'm a senior penetration tester who has spent the last 4 years breaking into things legally. My experience spans government agencies, global MNCs and SMEs across Singapore. Whether it's a misconfigured JWT or an exposed admin panel prone to CVEs, I've tried a few things over the years and really enjoy discovering new vulnerabilities.

Notably, I discovered a CRITICAL 9.8 CVE granting full administrative access on a Windows Endpoint. Hopefully, there will be more CVEs to come below!

🏆 OSCP OffSec
🏆 OSEP OffSec
🏆 OSWE OffSec
🎯 CRT CREST
🎯 CEH Master EC-Council
📋 CKBPro SecOps Group
🤖 C-AI/ML SecOps Group
🌐 CCNA CyberOps Cisco

Specialisations

Web VAPT · Infra VAPT / OT VAPT · Active Directory Testing · Kiosk PT · Thick Client PT · Source Code Review · Mobile App Testing · Cloud (Azure / AWS) · Phishing Campaigns · Host Config Reviews · Risk Assessments

Tooling

Burp Suite Pro · Metasploit · Sliver Framework · Nessus Professional · CIS-CAT Assessor · BloodHound · Frida · Ghidra · IDA Pro · WinDBG · MobSF · nmap

Sectors

🏛 Government 🏢 MNCs 🏗 SMEs

02 CVE Database

Live count synced from GitHub · 1 CVE(s) published
CVE-2024-40125 CRITICAL 9.8

Arbitrary File Upload → RCE in Closed-Loop Technology CLESS Server v4.5.2

Unauthenticated arbitrary file upload in the Media Manager function allows attackers to upload a crafted PHP file and execute arbitrary code — yielding full administrative access on Windows.

RCE · File Upload · CWE-434 · Windows · CVSS:3.1/AV:N/AC:L/PR:N/UI:N

03 Research & Writeups

OSCP — How I Tried Harder

A candid breakdown of the OSCP journey — the pain, the methodology, the 24-hour exam war stories, and what it actually takes to earn one of offensive security's most respected certs. Pinned article on Medium.

CVE-2024-40125: File Upload to Full Admin RCE

How a single unvalidated upload endpoint in CLESS Server v4.5.2 led to unauthenticated remote code execution and full Windows admin takeover. CVSS 9.8 CRITICAL.

04 My Custom Tools

🌐

BT-WebSuite

Custom web security testing suite — automated recon, parameter fuzzing, endpoint enumeration, and vulnerability discovery streamlined for Web VAPT engagements.

Python · Web VAPT
📊

CIS-NessusToExcel

Converts Nessus CIS compliance scan results into structured, client-ready Excel reports with full summary of comply/non-comply findings. Eliminates hours of post-scan manual formatting.

Python · Reporting
🔍

VA-Automater

Terminal-driven tool that automates VA reporting — removes risk-accepted findings, buckets by category, reassesses CVSS scores, and closes remediated findings in your tracking spreadsheet.

Python · Infra VAPT
💥

OSED-Automation

Automation scripts for exploit development workflows built during OSED prep. Handles bad character analysis, shellcode generation, and skeleton exploit scaffolding.

Python · Exploit Dev

05 Contact

I would love to connect, if you just wanna talk about CyberSecurity or Pentesting in general. Feel free to reach out to me via any of my contact details below :)

For sensitive communications, please encrypt with my PGP key. Fastest responses via email or LinkedIn.

PGP Public Key